The DS_VideoDecoder_Open function in loader/dshow/DS_VideoDecoder.c
in MPlayer 1.0rc1 and earlier does not set the biSize before use in a
memcpy, which allows user-assisted remote attackers to cause a buffer
overflow and possibly execute arbitrary code.

Updated packages have been patched to address this issue.
_______________________________________________________________________